The subject of using SharePoint as an Extranet has come up in conversation a few times recently and I was wondering if the community pursue this option in their Farms? We used a very cool Extranet tool called Extradium on SP24, but I know there are other options out there (such as doing your own Forms Based auth). I am really interested to see how you do it? If you do extend SharePoint to your partners do you go for a completely separate Farm running SP Foundation? We also offer a solution to help manage third-party risk so would love to hear your thoughts on that.
Mark,
I have done it a couple ways. Depending on the requirements and security provided by the environment or policies therein.
One approach was to create another farm on a different domain and allow a one way trust from extranet to intranet. That way the Extranet farm will trust the accounts used from the intranet. All intranet accounts could get you into the extranet but the extranet accounts cannot get you into the intranet. THIS will also require another License for your extranet farm as well as extra Hardware and software requirements
Another approach used were to extend the web application. So in one aspect contoso.com:1111/ and contoso.com:2222/ all point to the same application with different security measures. You will call 1111 intranet and 2222 extranet. This can also be used to get around certain STIG requirements. So one instance you could allow anonymous login for the intranet site and Kerberos for the extranet. This allows users to use the CAC Card if typing the extranet address that can be accessed by outside of your domain users and also allowing access to the intranet only for internal users. There are a lot of configurations used to make this happen that involves how your network is configured as well. With extending the web application you will not need an extra license and also will not need any extra hardware or software than what you have.
Another way is to use an external site such as intelink and other sites that allow you to host SharePoint on their servers. The problem with this is that you have no control of maintenance of the servers and sometime limited to size of what you put out there. If you don’t have a lot of information for your extranet then this will be a great option. Again no license or software/hardware needed.
